This repository was archived by the owner on Apr 26, 2024. It is now read-only.

Save the login tokens in database instead of being macaroons #13841

@sandhose

While implementing #11414 (OIDC Backchannel Logouts), I needed a way to invalidate login tokens, which is not possible because they are macaroons.

A way of solving this would be to save them in the database instead.
One problem is that it makes the creation of login tokens async, which impacts the Module API:

  • complete_sso_login, which is sync, but was deprecated in Synapse 1.13.0 in favour of complete_sso_login_async
  • generate_short_term_login_token, which is also sync.

My plan is to do a first PR which adds a create_login_token async method and deprecates the generate_short_term_login method, and then another one for actually saving the login tokens in the database.
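The design proposed in the issue above, sketched as an added example that is not part of the original post and is not Synapse's code: login tokens become opaque random values backed by a database row, so they can be made single-use and revoked server-side. The class, table, column names and the use of an IdP session id as the revocation key are assumptions for illustration; SQLite stands in for the real storage layer.

```python
import asyncio
import secrets
import sqlite3
import time

class LoginTokenStore:
    """Hypothetical store; table and method names are illustrative, not Synapse's."""

    def __init__(self) -> None:
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE login_tokens (token TEXT PRIMARY KEY, user_id TEXT NOT NULL,"
            " idp_session_id TEXT, expires_at REAL NOT NULL, used INTEGER NOT NULL DEFAULT 0)"
        )

    async def create_login_token(self, user_id: str, idp_session_id: str, ttl: float = 120.0) -> str:
        # Creation writes a row, so with a real async database layer it must be awaited.
        token = secrets.token_urlsafe(32)  # opaque random value, meaningless without the row
        self.db.execute(
            "INSERT INTO login_tokens (token, user_id, idp_session_id, expires_at) VALUES (?, ?, ?, ?)",
            (token, user_id, idp_session_id, time.time() + ttl),
        )
        return token

    async def consume_login_token(self, token: str):
        # Single use: the UPDATE matches only an unexpired, unused row.
        cur = self.db.execute(
            "UPDATE login_tokens SET used = 1 WHERE token = ? AND used = 0 AND expires_at > ?",
            (token, time.time()),
        )
        if cur.rowcount != 1:
            return None
        return self.db.execute("SELECT user_id FROM login_tokens WHERE token = ?", (token,)).fetchone()[0]

    async def invalidate_for_session(self, idp_session_id: str) -> int:
        # Server-side revocation of pending tokens, e.g. on an OIDC backchannel logout.
        sql = "DELETE FROM login_tokens WHERE idp_session_id = ? AND used = 0"
        return self.db.execute(sql, (idp_session_id,)).rowcount

async def demo():
    store = LoginTokenStore()
    t1 = await store.create_login_token("@alice:example.org", "sid-1")  # constructed sample values
    t2 = await store.create_login_token("@alice:example.org", "sid-1")
    t3 = await store.create_login_token("@bob:example.org", "sid-2")
    first, replay = await store.consume_login_token(t1), await store.consume_login_token(t1)
    revoked = await store.invalidate_for_session("sid-1")
    return first, replay, revoked, await store.consume_login_token(t2), await store.consume_login_token(t3)

def run_demo():
    return asyncio.run(demo())
```

A replayed token and a token revoked by session both resolve to `None`, while a token tied to a different session still logs in.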
